From af7b4db062f81b93d7b0309cac3be42586f1a4dd Mon Sep 17 00:00:00 2001
From: Ben <zyhfish@163.com>
Date: Mon, 23 Dec 2024 22:10:51 +0800
Subject: [PATCH] Fix #4947: check the 2FA settings.

---
 Oqtane.Server/Managers/UserManager.cs | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/Oqtane.Server/Managers/UserManager.cs b/Oqtane.Server/Managers/UserManager.cs
index 7745f429..fa265f19 100644
--- a/Oqtane.Server/Managers/UserManager.cs
+++ b/Oqtane.Server/Managers/UserManager.cs
@@ -512,7 +512,10 @@ namespace Oqtane.Managers
             user = _users.GetUser(user.Username);
             if (user != null)
             {
-                if (user.TwoFactorRequired && user.TwoFactorCode == token && DateTime.UtcNow < user.TwoFactorExpiry)
+                var alias = _tenantManager.GetAlias();
+                var twoFactorSetting = _settings.GetSetting(EntityNames.Site, alias.SiteId, "LoginOptions:TwoFactor")?.SettingValue ?? "false";
+                var twoFactorRequired = twoFactorSetting == "required" || user.TwoFactorRequired;
+                if (twoFactorRequired && user.TwoFactorCode == token && DateTime.UtcNow < user.TwoFactorExpiry)
                 {
                     user.IsAuthenticated = true;
                 }